Verify TOTP verification

POST /api/experience/verification/totp/verify

Verifies the provided TOTP code against the new created TOTP secret or the existing TOTP secret. If a verificationId is provided, this API will verify the code against the TOTP secret that is associated with the verification record. Otherwise, a new TOTP verification record will be created and verified against the user's existing TOTP secret.

application/json

Body Required

code string Required

The TOTP code to be verified.

Minimum length is 1.
verificationId string

The verification ID of the newly created TOTP secret. This ID is required to verify a newly created TOTP secret that needs to be bound to the user account. If not provided, the API will create a new TOTP verification record and verify the code against the user's existing TOTP secret.

Responses

200 application/json

The TOTP code has been successfully verified.
Hide response attribute Show response attribute object
- verificationId string Required
  
  The unique verification ID of the TOTP verification record. For newly created TOTP secret verification record, this ID is required to bind the TOTP secret to the user account through Profile API.
400

Invalid TOTP code.
404

Verification record not found.

POST /api/experience/verification/totp/verify

curl \
 -X POST https://[tenant_id].logto.app/api/experience/verification/totp/verify \
 -H "Content-Type: application/json" \
 -d '{"code":"string","verificationId":"string"}'

Request examples

{
  "code": "string",
  "verificationId": "string"
}

Response examples (200)

{
  "verificationId": "string"
}